Syrian Electronic Army Target AP’s Twitter Account

On April 23, 2013, the Associated Press’s (AP) Twitter account sent out the following tweet: Breaking: Two Explosions in the White House and Barack Obama is injured. The Twitter account had been hacked, purportedly by the Syrian Electronic Army (SEA).

Over the course of the next three minutes the Dow Jones industrial average suffered a 143 point fall causing a $136 billion crash in the stock market. It it is believed that the massive drop was the outcome of trading algorithms established to make trades based on factors including breaking news that could effect the value of stocks. The tweet was very quickly revealed to be fraudulent and the market reverted back to its original levels.

The SEA hack began with the following phishing email sent to several AP employees:

At least one (if not many) of the AP employees clicked the bogus link and either “logged in” with the AP Twitter credentials or the site dropped malware with some type of spying software to access their credentials. Either way, with the credentials in hand the hackers were able to login to Twitter and the rest is history.

Soon after the hack was uncovered AP was able to gain back access to its Twitter account.

Graph of Down Jones Plunge

Interesting Facts:

At the time of the hack, two factor authentication had yet to be released into the Twitter ecosystem.

The financial software had keyword algorithms set up to look for words like “White House,” “explosion” and “Barak Obama,” which would have triggered the selling.

The AP Twitter hack was one of many prominent Twitter attacks undertaken by the Syrian Electronic Army, including their compromise of NPR, BBC and CBS accounts.